An intuitive model for prediction of IOT-Botnet attacks efficiently by using machine learning algorithms
Keywords
IOT, botnet attacks, secure data, two fold, trigger attack, NTA, RTD, DMU, SVM
Abstract
Internet of Things (IoT) devices have transformed many aspects of modern life, yet their widespread adoption has brought a corresponding increase in security vulnerabilities. One significant threat posed by compromised IoT devices is their use in botnet attacks, where large numbers of devices are harnessed to carry out malicious activity. This paper presents an approach to detecting IoT botnet attacks through a two-fold machine learning algorithm. The first facet focuses on proactive prevention using anomaly detection. By analyzing historical data and identifying baseline behavior patterns, the algorithm learns to distinguish normal IoT device activity from anomalies: unusual data patterns, deviations in resource usage, and irregular communication sequences trigger alerts that prompt further investigation, establishing a preemptive line of defense against botnet recruitment. The second facet centers on real-time detection through behavioral analysis. By continuously monitoring the behavior of IoT devices on the network, the algorithm identifies deviations from expected patterns; supervised machine learning models are trained to differentiate benign from malicious behavior, and alerts are generated in real time when observed behavior matches botnet attack patterns, allowing immediate intervention and mitigation. The two-fold approach capitalizes on machine learning's capability to adapt over time: regular model updates keep it effective against emerging attack techniques. Implementing such an approach, however, requires careful consideration of ethical implications, false positive and false negative rates, and integration with existing security measures.
Through the convergence of proactive prevention and real-time detection, the algorithm offers a robust defense against the evolving landscape of IoT botnet attacks, enhancing the security and resilience of IoT ecosystems.
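The two stages the abstract describes can be sketched end to end in a few dozen lines. The following is an added illustration, not code from the paper: stage 1 learns a per-feature baseline (mean and standard deviation) from constructed historical benign flow statistics and raises an alert when a new record's z-score exceeds a threshold; stage 2 trains a supervised classifier on constructed labelled benign/botnet-like behavior vectors and labels new records in real time. Logistic regression trained by gradient descent is used here purely as a stand-in for the paper's unspecified supervised model, the three flow features (packets per second, bytes per packet, distinct destinations) are assumed, and every number in the data sets is constructed for the example.

```python
"""Two-stage IoT botnet detection sketch (added example, not the paper's code).

Stage 1 (proactive): per-feature z-score anomaly detection against a baseline
learned from historical benign device activity.
Stage 2 (real-time): a supervised linear classifier (logistic regression, a
stand-in for the paper's model) labelling behavior as benign (0) or botnet-like (1).
All flow statistics below are constructed for illustration.
"""
import math

FEATURES = ("pkts_per_sec", "bytes_per_pkt", "distinct_dsts")  # assumed feature set

# Constructed historical (benign) records for a periodic-reporting sensor.
BASELINE = [
    (0.8, 310.0, 1), (1.1, 295.0, 1), (0.9, 320.0, 2), (1.0, 305.0, 1),
    (1.2, 290.0, 1), (0.7, 330.0, 2), (1.0, 300.0, 1), (0.9, 315.0, 1),
]

# Constructed labelled training data: (features, label), 1 = botnet-like (flood/scan).
LABELLED = [
    ((0.9, 300.0, 1), 0), ((1.1, 310.0, 2), 0), ((0.8, 325.0, 1), 0), ((1.0, 298.0, 1), 0),
    ((420.0, 64.0, 180), 1), ((650.0, 70.0, 240), 1), ((300.0, 60.0, 95), 1), ((900.0, 66.0, 310), 1),
]


def fit_baseline(records):
    """Mean and standard deviation of each feature over historical benign activity."""
    n, d = len(records), len(FEATURES)
    means = [sum(r[i] for r in records) / n for i in range(d)]
    stds = [math.sqrt(sum((r[i] - means[i]) ** 2 for r in records) / n) for i in range(d)]
    return means, [s if s > 0 else 1e-9 for s in stds]


def anomaly_alert(record, baseline, threshold=3.0):
    """Stage 1: names of features whose |z-score| exceeds the threshold (empty list = normal)."""
    means, stds = baseline
    return [FEATURES[i] for i in range(len(FEATURES))
            if abs((record[i] - means[i]) / stds[i]) > threshold]


def _log_scale(record):
    """log1p compresses heavy-tailed packet/destination counts before standardisation."""
    return [math.log1p(v) for v in record]


def _sigmoid(z):
    """Numerically stable logistic function."""
    return 1.0 / (1.0 + math.exp(-z)) if z >= 0 else math.exp(z) / (1.0 + math.exp(z))


def fit_classifier(labelled, lr=0.3, epochs=500):
    """Stage 2: logistic regression on log-scaled, standardised features (full-batch GD)."""
    xs = [_log_scale(r) for r, _ in labelled]
    ys = [y for _, y in labelled]
    n, d = len(xs), len(FEATURES)
    mu = [sum(x[i] for x in xs) / n for i in range(d)]
    sd = [math.sqrt(sum((x[i] - mu[i]) ** 2 for x in xs) / n) or 1e-9 for i in range(d)]
    xs = [[(x[i] - mu[i]) / sd[i] for i in range(d)] for x in xs]
    w, b = [0.0] * d, 0.0
    for _ in range(epochs):
        grad_w, grad_b = [0.0] * d, 0.0
        for x, y in zip(xs, ys):
            err = _sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b) - y
            grad_b += err
            for i in range(d):
                grad_w[i] += err * x[i]
        w = [wi - lr * g / n for wi, g in zip(w, grad_w)]
        b -= lr * grad_b / n
    return {"w": w, "b": b, "mu": mu, "sd": sd}


def classify(record, model):
    """Return (label, probability); label 1 means the behavior matches botnet patterns."""
    x = [(v - m) / s for v, m, s in zip(_log_scale(record), model["mu"], model["sd"])]
    p = _sigmoid(sum(wi * xi for wi, xi in zip(model["w"], x)) + model["b"])
    return (1 if p >= 0.5 else 0), p


def detect(record, baseline, model):
    """Both facets together: stage 1 flags deviation from the learned baseline for
    investigation; stage 2 decides whether the behavior matches learned botnet patterns."""
    return {"anomalous_features": anomaly_alert(record, baseline),
            "botnet": classify(record, model)[0]}


if __name__ == "__main__":
    base = fit_baseline(BASELINE)
    clf = fit_classifier(LABELLED)
    for rec in [(1.3, 280.0, 2), (500.0, 65.0, 120)]:   # constructed live records
        print(rec, detect(rec, base, clf))
```

Two design points are worth noting. Stage 1 needs only benign history, so it can run on a freshly deployed device class before any attack data exists; stage 2 needs labelled examples of botnet behavior, which is why the abstract pairs the two. The log1p scaling matters in practice: packet and destination counts during a flood are orders of magnitude above normal, and standardising raw values would let one feature dominate the classifier.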